package ${groupId}.service.security.filter;

import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import ${groupId}.service.security.authc.MallUsernamePasswordToken;

import lombok.Data;

/**
 * Created by h.p on 2018/12/4.
 */
@Data
public class MallFormAuthenticationFilter extends FormAuthenticationFilter {
    private static final Logger logger = LoggerFactory.getLogger(MallFormAuthenticationFilter.class);
    public static final String DEFAULT_LOGIN_TYPE_PARAM = "loginType";
    public static final String DEFAULT_CAPTCHA_PARAM = "captcha";

    private String bossPath;
    private String merchantPath;

    private String loginTypeParamName = DEFAULT_LOGIN_TYPE_PARAM;
    private String captchaParamName = DEFAULT_CAPTCHA_PARAM;


    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        //如果其他过滤器已经,验证失败了则禁止登陆,不再进行身份验证
        if (request.getAttribute(getFailureKeyAttribute()) != null) {
            return true;
        }
        String bossLoginUrl = bossPath+"/login";
        String merLoginUrl = merchantPath+"/login";
        if (this.pathsMatch(bossLoginUrl, request) || this.pathsMatch(merLoginUrl, request)) {
            /*if (this.isLoginSubmission(request, response)) {
                return true;
            } else {
                return true;
            }*/
            return true;
        } else {
            WebUtils.saveRequest(request);
            if (((HttpServletRequest) request).getRequestURI().contains(bossPath)) {
                WebUtils.issueRedirect(request, response, bossLoginUrl);
            } else {
                WebUtils.issueRedirect(request, response, merLoginUrl);
            }
            return false;
        }
    }

    /**
     * 重写登陆成功后的处理方法,使其跳转到指定的页面
     *
     */
    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        return true;
    }

    @Override
    protected void setFailureAttribute(ServletRequest request, AuthenticationException ae) {
        request.setAttribute(getFailureKeyAttribute(), ae);
    }

    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
    	String username = getUsername(request);
        String password = getPassword(request);
        String loginType = getLoginType(request);
        String captcha = getCaptcha(request);
        boolean rememberMe = isRememberMe(request);
        String host = getHost(request);
        return new MallUsernamePasswordToken(username, password, rememberMe, host, loginType, captcha);
    }

    private String getLoginType(ServletRequest request) {
        return WebUtils.getCleanParam(request, getLoginTypeParamName());
    }

    private String getCaptcha(ServletRequest request) {
        return WebUtils.getCleanParam(request, getCaptchaParamName());
    }
}
